[Email Security] Update based on wiki

Maddy-Cloudflare · Maddy-Cloudflare · commit 6c76e9ed52da · 2025-07-17T14:40:32.000+01:00
diff --git a/src/content/docs/cloudflare-one/email-security/detection-settings/allow-policies.mdx b/src/content/docs/cloudflare-one/email-security/detection-settings/allow-policies.mdx
@@ -5,6 +5,8 @@ sidebar:
   order: 1
 ---
 
+import { Example, Details } from "~/components"
+
 Email Security allows you to configure allow policies. An allow policy exempts messages that match certain patterns from normal detection scanning.
 
 To configure allow policies:
@@ -30,13 +32,54 @@ To configure allow policies:
    - **Uploading an allow policy**: Upload a file no larger than 150 KB. The file can only contain `Pattern`, `Pattern Type`, `Verify Email`, `Trusted Sender`, `Exempt Recipient`, `Acceptable Sender`, `Notes` fields. The first row must be a header row. Refer to [CSV uploads](/cloudflare-one/email-security/detection-settings/allow-policies/#csv-uploads) for an example file.
 6. Select **Save**.
 
-:::caution[Accept sender]
-If you choose to enable **Accept sender**, ensure that **Sender verification (Recommended)** is turned on at all times.
+<Details header="Allow policy configuration use cases">
+    
+The following use cases present some use cases that will show you how to properly configure allow policies.
+
+### Use case 1
+
+<Example title = "Company receives emails from third party providers not used internally. These emails are sent from the service provider, but Email Security gives these emails an incorrect disposition.">
+    This use case can affect companies such as Shopify, PayPal, and Docusign.
+
+    To solve this:
+
+    1. Submit a [team submission](/cloudflare-one/email-security/email-monitoring/search-email/#team-submissions).
+    2. Inform your Cloudflare account about the escalation.
+    3. Avoid setting up allow policies, or blocked senders. In this use case, configuring allow policies will create a security gap. Setting up blocked senders will block legitimate emails from providers such as Shopify, PayPal, and Docusign.
+</Example>
+
+### Use case 2
+
+<Example title = "Company receives emails via third party providers that are used internally. These emails are sent from the custom domain company, but Email Security marks these emails as bulk, spam, or spoof.">
+
+  This use case can cause your inbox to receive too many unwanted emails. This use case can affect companies such as Salesforce, Atlassian, and Figma.
+
+  To solve this, when you add an allow policy in the Zero Trust dashboard, ensure that:
+  
+  1. You choose **Accept sender**.
+  2. Verify that **Sender verification (recommended)** is turned on.
+  
+</Example>
+
+
+### Use case 3
+
+<Example title = "Company receives emails via third party providers that are used internally. These emails are sent from the custom company domain, but Email Security marks these emails as bulk, spam, or spoof. The custom email domain does not support DMARC, SPF, DKIM, and would fail Sender Verification">
+
+  This use case can affect companies such as Salesforce, Atlassian, and Figma.
+
+  To solve this, when you add an allow policy in the Zero Trust dashboard, ensure that:
+
+  1. You choose **Accept sender** based on the static IP you own.
+  2. Ensure that **Sender verification (recommended)** is turned off.
 
-Companies such as PayPal, Docusign, and Shopify should not enable **Sender verification (Recommended)** when configuring an allow policy.
+  :::caution
+  Do not use email addresses or email domains for this case as they can be easily spoofed without **Sender Verification (Recommended)** enabled.
+  :::
+ 
+</Example>
 
-Email Security is able to recognize sender verified emails used for nefarious activity. However, enabling **Accept sender** will cause Email Security to not recognize nefarious activities and therefore create security concerns.
-:::
+</Details>
 
 ### CSV uploads
 
